Course Description

Despite your best efforts, security incidents will happen, and it's important you know how to properly respond and recover to protect enterprise assets. This course covers incident handling best practices, including discovery, escalation, reporting, and response. It also details appropriate countermeasures and continuity practices in addition to an overview of forensic investigation best practices, including appropriate evidence handling and chain of custody activities. This course is one of a series in the Skillsoft learning path that covers the objectives for the (ISC)2 Systems Security Certified Practitioner Exam.

Learning Objectives

Participating in Incident Handling

start the course

describe incident discovery activities

identify incident escalation activities

identify lessons learned activities

identify incident response best practices

identify best practices when implementing countermeasures

Supporting Forensic Investigations

identify first responder best practices during forensic investigation activities

identify best practices for evidence handling during forensic investigation activities

describe characteristics and best practices of chain of custody during forensic investigation activities

identify best practices for preservation of scene during forensic investigation activities

Supporting Business Continuity Activities

describe characteristics and best practices for supporting emergency response plans and procedures

describe interim or alternate processing strategies as part of business continuity activities

identify best practices for restoration planning as part of business continuity activities

describe characteristics and best practices for implementing backup and redundancy options

describe characteristics and best practices for testing and drills for supporting emergency response plans and procedures

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.